From ad955792a8ade5c0015aa3d68f86b1035c1acc31 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Wed, 22 Jan 2014 11:30:52 -0500
Subject: [PATCH] Fixed bug from previous commit

---
 interface/lib/classes/remoting.inc.php |  120 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++---
 1 files changed, 114 insertions(+), 6 deletions(-)

diff --git a/interface/lib/classes/remoting.inc.php b/interface/lib/classes/remoting.inc.php
index a9af3e3..ccb70e7 100644
--- a/interface/lib/classes/remoting.inc.php
+++ b/interface/lib/classes/remoting.inc.php
@@ -156,16 +156,124 @@
 	}
 	
 	/**
-	Gets the ISPconfig version of the server
-	@param int session_id
-	@author Sascha Bay <info@space2place.de> TheCry 2013
-	*/
-	public function server_get_app_version($session_id) {
-		global $app;
+	    Gets the server_id by server_name
+	    @param int session_id
+	    @param int server_name
+	    @author Sascha Bay <info@space2place.de> TheCry 2013
+    */
+	public function server_get_serverid_by_name($session_id, $server_name)
+    {
+        global $app;
 		if(!$this->checkPerm($session_id, 'server_get')) {
+        	$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+            return false;
+		}
+		if (!empty($session_id) && !empty($server_name)) {
+			$sql = "SELECT server_id FROM server WHERE server_name  = '$server_name' LIMIT 1 ";
+			$all = $app->db->queryAllRecords($sql);
+			return $all;
+		} else {
+			return false;
+		}
+	}
+	
+	/**
+	    Gets the functions of a server by server_id
+	    @param int session_id
+	    @param int server_id
+	    @author Sascha Bay <info@space2place.de> TheCry 2013
+    */
+	public function server_get_functions($session_id, $server_id)
+    {
+        global $app;
+		if(!$this->checkPerm($session_id, 'server_get')) {
+        	$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+            return false;
+		}
+		if (!empty($session_id) && !empty($server_id)) { 
+			$sql = "SELECT mail_server, web_server, dns_server, file_server, db_server, vserver_server, proxy_server, firewall_server FROM server WHERE server_id  = '$server_id' LIMIT 1 ";
+			$all = $app->db->queryAllRecords($sql);
+			return $all;
+		} else {
+			return false;
+		}
+	}
+	
+	/**
+	 * set record permissions in any table
+	 * @param string session_id
+	 * @param string index_field
+	 * @param string index_value
+	 * @param array permissions
+	 * @author "ispcomm", improved by M. Cramer <m.cramer@pixcept.de>
+	 */
+	public function update_record_permissions($tablename, $index_field, $index_value, $permissions) {
+		global $app;
+		
+		if(!$this->checkPerm($session_id, 'admin_record_permissions')) {
 			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
 			return false;
 		}
+		
+		foreach($permissions as $key => $value) {  // make sure only sys_ fields are updated
+			switch($key) {
+				case 'sys_userid':
+					// check if userid is valid
+					$check = $app->db->queryOneRecord('SELECT userid FROM sys_user WHERE userid = ' . $app->functions->intval($value));
+					if(!$check || !$check['userid']) {
+						$this->server->fault('invalid parameters', $value . ' is no valid sys_userid.');
+						return false;
+					}
+					$permissions[$key] = $app->functions->intval($value);
+					break;
+				case 'sys_groupid':
+					// check if groupid is valid
+					$check = $app->db->queryOneRecord('SELECT groupid FROM sys_group WHERE groupid = ' . $app->functions->intval($value));
+					if(!$check || !$check['groupid']) {
+						$this->server->fault('invalid parameters', $value . ' is no valid sys_groupid.');
+						return false;
+					}
+					$permissions[$key] = $app->functions->intval($value);
+					break;
+				case 'sys_perm_user':
+				case 'sys_perm_group':
+					// check if permissions are valid
+					$value = strtolower($value);
+					if(!preg_match('/^[riud]+$/', $value)) {
+						$this->server->fault('invalid parameters', $value . ' is no valid permission string.');
+						return false;
+					}
+					
+					$newvalue = '';
+					if(strpos($value, 'r') !== false) $newvalue .= 'r';
+					if(strpos($value, 'i') !== false) $newvalue .= 'i';
+					if(strpos($value, 'u') !== false) $newvalue .= 'u';
+					if(strpos($value, 'd') !== false) $newvalue .= 'd';
+					$permissions[$key] = $newvalue;
+					unset($newvalue);
+					
+					break;
+				default:
+					$this->server->fault('invalid parameters', 'Only sys_userid, sys_groupid, sys_perm_user and sys_perm_group parameters can be changed with this function.');
+					break;
+			}
+		}
+		
+		return $app->db->datalogUpdate( $tablename, $permissions, $index_field, $index_value ) ;
+	}
+	
+	/**
+	    Gets the ISPconfig version of the server
+	    @param int session_id
+	    @author Sascha Bay <info@space2place.de> TheCry 2013
+    */
+	public function server_get_app_version($session_id)
+    {
+        global $app;
+		if(!$this->checkPerm($session_id, 'server_get')) {
+        	$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+            return false;
+		}
 		if (!empty($session_id)) { 
 			$ispc_app_version = array('ispc_app_version' => ISPC_APP_VERSION);
 			return $ispc_app_version;

--
Gitblit v1.9.1